[ILUG-Social] Disturbing Anti-Virus Stuff - Case for Non

cybersean3000 at yahoo.com cybersean3000 at yahoo.com
Wed Dec 5 12:46:59 GMT 2001 

This from Extreme Tech Security -- Very worrisome.


FBI's "Magic Lantern" Trojan Snoops on Citizens; McAfee and 
Symantec Refuse to Block It Shortly after the US Congress passed 
the "USA PATRIOT Act," which authorized government agents to 
conduct unannounced "Sneak and Peek" searches.  An article posted 
on MSNBC.COM revealed that the FBI intended to plant a Trojan 
Horse program code-named "Magic Lantern" on the computers of 
citizens it suspected of crimes. (Apparently, the FBI had been 
engaged in such practices even before the bill was signed
into law; in October, the agency sought to suppress information about
keystroke logging technology it had used to obtain encryption keys
from the computer of alleged gangster Nicodemo Scarfo.)

Unfortunately, the FBI's enthusiasm for stealth technology has led to
a troubling development: complicity by vendors of security software.
According to an Associated Press article (first link below), Network
Associates, maker of the McAfee line of antivirus products, had
contacted the FBI so as to ensure that its products would NOT detect
computer tampering by government snoops. While Network 
Associates' public relations staff quickly published a narrowly worded 
denial, the reporter who wrote the original story stuck to his guns, 
saying that he'd been told of the policy by a Network Associates 
executive.

Shortly thereafter, Symantec, another antivirus vendor, also 
announced that it had pledged not to allow its antivirus software to 
detect the FBI's illicit code.

The prospect of "back doors" or intentional "blind spots" in security
products is particularly troubling because hackers and industrial
spies could exploit these weaknesses just as easily as could the
government. And both Symantec and Network Associates sell other
products upon which companies and individuals rely for security. NAI
also sells the Pretty Good Privacy (PGP) encryption software, the
Sniffer network monitoring products, and the Magic Solutions remote
control software, and Symantec's "Norton" line contains several
similar products.

Customers must now be concerned that any or all of these products
could potentially be rigged not to report possibly unconstitutional
snooping by the government--or by third parties who designed their
products to mimic the government's snooping software. Any or all 
could allow systems and networks to be compromised. The best 
alternatives may be products that are manufactured overseas--or 
"open source" products in which back doors can be usually be 
detected by inspection of the code.

http://www.factsquad.org/radio/2001-11-26.mp3 (a voice message)

http://www.washingtonpost.com/wp-dyn/articles/A1436-
2001Nov22.html

http://www.politechbot.com/p-02839.html

http://www.wired.com/news/conflict/0,2100,48648,00.html?tw=wn200
11127

http://www.politechbot.com/p-02851.html

http://www.msnbc.com/news/660096.asp?cp1=1

http://www.theregister.co.uk/content/55/23057.html

- - - -


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

More information about the Social mailing list